Fontys S7

Vulnerability scanning

For vulnerability scanning I'm making use of the SOC I've already setup.

The Wazuh vulnerability scanner does the same thing as OpenVAS hence why I've chosen not to install OpenVAS but to use Wazuh instead. This is just way more cost-effective in terms of resources and easy of use.

Wazuh will tell which package on which system is vulnerable, which CVE is connected to it, the severity and if the CVE is fixed in the latest update. Thus if you need to update the package or not.

• Date: December 2021
• Client: Fontys
• Category: Technical Skill